ASIC Enforcement Review

Position and Consultation Paper 4

Industry Codes in the Financial Sector

28 June 2017

1

© Commonwealth of Australia 2017

ISBN 978-1-925504-56-9

This publication is available for your use under aCreative Commons Attribution 3.0 Australialicence, with the exception of the Commonwealth Coat of Arms, the Treasury logo, photographs, images, signatures and where otherwise stated. The full licence terms are available from.

Use of Treasury material under a Creative Commons Attribution 3.0 Australia licence requires you to attribute the work (but not in any way that suggests that the Treasury endorses you or your use of the work).

Treasury material used ‘as supplied’

Provided you have not modified or transformed Treasury material in any way including, for example, by changing the Treasury text; calculating percentage changes; graphing or charting data; or deriving new statistics from published Treasury statistics — then Treasury prefers the following attribution:

Source: The Australian Governmentthe Treasury.

Derivative material

If you have modified or transformed Treasury material, or derived new material from those of the Treasury in any way, then Treasury prefers the following attribution:

Based on The Australian Government the Treasury data.

Use of the Coat of Arms

The terms under which the Coat of Arms can be used are set out on the It’s an Honour website (see).

Other uses

Enquiries regarding this licence and any other use of this document are welcome at:

Manager
Communications
The Treasury
Langton Crescent
Parkes ACT 2600
Email:

1

Annexure B – ASIC enforcement review taskforce terms of reference

Contents

Executive summary

1.Background

2.Current issues

Subscription to codes

ASIC approval of codes

3.Possible solutions

Annexure A — industry codes in other contexts / jurisdictions

Industry codes under the Competition and Consumer Act 2010

Prescribed codes of conduct in the United Kingdom

Prescribed codes of conduct in Hong Kong

Voluntary codes of conduct in Canada

Annexure B – ASIC enforcement review taskforce terms of reference

Page 1

Annexure B – ASIC enforcement review taskforce terms of reference

Executive summary

Self-regulatory initiatives are a means by which participants in an industry can demonstrate their commitment to good practices by themselves and their peers. Industry codes – often described as ‘codes of practice’ or ‘codes of conduct’ – have been said to be “at the apex of industry self-regulatory initiatives.”[1] Ideally, the existence of codes should serve to improve consumer confidence in the relevant industries. The Australian financial sector has a system of codes to which most participants in key industries subscribe.

As noted in the recent Review of the financial system external dispute resolution and complaints framework(Ramsay Review), “the number of disputes [in the sector] remains small compared to the overall size of the system and the number of interactions individuals have with it.”[2] However, as the Ramsay Review further notes: “the impact of financial disputes on the lives of individuals and their families can be devastating.”[3]

The impact on the lives of those affected by poor practices, as brought to light in media reports and in Parliamentary and other inquiries, has resulted in the Australian financial sector coming under intense public and regulatory scrutiny in recent times and in the impairment of consumer confidence in the sector. In this context it is apt to consider whether self-regulatory initiatives such as industry codes are achieving their potential, and whether that potential could better be achieved by the introduction of a co-regulatory model – at least for codes in relation to key services provided to retail and small business customers.

Under a co-regulatory model, industry participants would be required to subscribe to an ASIC approved code, and in the event of non-compliance with the code an individual customer would be entitled to seek appropriate redress through the participant’s internal and external dispute resolution arrangements. A code monitoring body would monitor the adequacy of the code and industry compliance with it over time, and periodically report to ASIC on these matters. However, the content of the code would remain a matter for industry to determine consistent with the broad criteria set by ASIC. To propose a
co-regulatory model does not connote a call for the content of codes to be incorporated into statute or regulation. Though calls have been made for such a measure,[4] the Taskforce believes that there is room to substantially strengthen the code regime while preserving the participatory role for industry – a role that legislating code content would remove.

The introduction of a co-regulatory model in appropriate parts of the financial sector could serve to improve significantly the content, consistency and enforceability of codes, and so have a profound effect on consumer confidence. For these reasons (and those set out in more detail below), the Taskforce adopts a preliminary position consistent with the co-regulatory model. The key components of such a model would be:

Position 1:The content of and governance arrangements for relevant codes (those that cover activities specified by ASIC as requiring code coverage) should be subject to approval by ASIC.

Position 2:Entities engaging in activities covered by an approved code should be required to subscribe to that code (by a condition on their AFSL or some similar mechanism).

Position 3:Approved codes should be binding on and enforceable against subscribers by contractual arrangements with a code monitoring body.

Position 4:An individual customer should be able to seek appropriate redress through the subscriber’s internal and external dispute resolution arrangements for
non-compliance with an applicable approved code.

Position 5:The code monitoring body, comprising a mix of industry, consumer and expert members, should monitor the adequacy of the code and industry compliance with it over time, and periodically report to ASIC on these matters.

The Taskforce recognises that this co-regulatory model may not be appropriate for all activities conducted in the financial sector. The specification of activities that should be covered by approved codes would best be left to ASIC to determine by instrument where it considers this appropriate and necessary. That said, the Taskforce considers that these activities should ideally align with the proposed jurisdiction of the new Australian Financial Complaints Authority (AFCA). To this end, each code should be expressed to apply to dealings between a subscriber and anyone who is entitled to access the dispute resolution system operated by the AFCA in respect of those dealings.

The Taskforce anticipates that the kind of activity that would ultimately be covered by the approved code requirement would include retail banking, retail life insurance, the provision of insurance and associated services through superannuation or other group arrangements, retail general insurance, insurance brokerage, and the provision of ePayments services (noting that special considerations may apply to the ePayments code, as it is administered by ASIC (see below for details)). This list is not intended to be exhaustive, and is subject to the Taskforce’s view outlined above, that ASIC should be the final arbiter of activities that should be subject to the requirement.

There should ideally be a single approved code covering an activity, rather than a proliferation of alternative codes.

The Taskforce notes that ASIC’s power to approve codes (currently contained in section1101A of the Corporations Act), is likely to require amendment to facilitate the newmodel and to give ASIC flexibility to apply the requirement in respect of a broad range of activities.

Certain conduct associated with forming and subscribing to codes may also enliven provisions of Part IV of the Competition and Consumer Act 2010. Consideration will need to be given to whether these matters should be expressly taken to be authorised as an exception to Part IV.[5]

The proposed model does not preclude the adoption of other, voluntary codes in other parts of the financial sector (for example, in relation to dealings with wholesale customers or in relation to activities not specified by ASIC).

Many of the necessary requirements for content of the codes would already be spelt out in ASIC’s Regulatory Guide 183. However, it may be necessary for ASIC to review and update that document, to capture the full spectrum of requirements of this co-regulatory model. Specifically, ASIC approval should be subject to the following requirements:

  1. Each code would set out base level (rather than ‘best practice’) service standards that a consumer or small business customer can expect in dealings with the subscriber. Itshould not repeat or paraphrase existing legal obligations. It should be drafted in plain language, and be brief.
  2. Codes should be formulated by an incorporated code body, the board of which includes an appropriate mix of industry representatives, consumer representatives and independent experts.
  3. Codes should contain robust enforcement provisions including:
  4. Subscribers should be contractually bound to comply with the code, by an agreement with the code body.Where ASIC considers it appropriate, there could also be a requirement that the provisions of the code be incorporated into agreements with customers.
  5. Codes should expressly provide that a subscriber’s failure to comply with the code is to be taken into account in resolving disputes with individual customers through the subscriber’s IDR and by AFCA, on the basis that compliance with the code by subscribers is expected (rather than optional or aspirational).
  6. Each subscriber would be required to monitor its ongoing compliance with the code and report periodically to the code body. If, based on that report or following notification (for example by ASIC, AFCA or a relevant consumer or industry body) of concerns about a subscriber’s code compliance record, the code body considers that there is systemic non-compliance, the code body could require the subscriber to take steps to improve its compliance practices. The code body could also escalate concerns to ASIC for further investigation (for example, of whether the non-compliance is evidence of a failure by the subscriber to meet the requirements of CA s 912A).
  7. The code body should keep the code content under review on an ongoing basis and adapt it to changing market conditions.

Finally, the Taskforce acknowledges that ASIC’s enhanced role under the new model mayrequire additional resourcing and the Government should consider making this available.

Page 1

Annexure B – ASIC enforcement review taskforce terms of reference

1.Background

  1. Codes of Conduct have existed in the financial services sector since the late 1980s with the introduction of the Electronic Funds Transfer Code of Practice. These industrybased systems of code and disputeresolution scheme were developed on a sectoral basis prior to the reform of the sector through the Corporations Act. The Code of Banking Practice, introduced in November 1993 had its genesis in a parliamentary inquiry (Martin Committee) into the banking system that supported legislative codification of banking law. At the time of its establishment, the Banking Code substantively filled regulatory gaps and preceded the current licensing and conduct regime in the Corporations Act.
  2. Since then, the Government’s approach to codes has been to provide flexibility to industry participants and foster an environment whereby industry works cooperatively with the regulator and consumer associations to establish best practice. In this context, selfregulation is primarilyabout providing protection for consumers of financial products and services through the setting of standards of conduct and providing a system of informal dispute resolution.[6]
  3. The Electronic Funds Transfer Code of Practice (now known as the ePayments code) provides the only example of a coregulatory code currently operating in the retail financial services system. It is a voluntary industry code regulating consumer electronic payments — including automatic teller machines, electronic funds transfers at point of sale, internet banking and BPAY. In setting out a regime for the allocation of liability for unauthorised transactions the ePayments code provides important consumer protections. Many banks, credit unions and building societies currently subscribe to the ePayments code along with a number of nonbanking subscribers such as PayPal. The code is coregulatory because ASIC is responsible for the administration of the code as there is no single industry body that has been able to accept responsibility for administering or monitoring compliance. The Financial System Inquiry, in a recommendation the Government subsequently agreed with, said that the ePayments Code should be mandated.[7]
  4. The most recent code to be developed in the financial services sector is the Life Insurance Code of Practice. The inception of this code occurred as a result of calls for reform to the life insurance and financial advice sectors in Australia.
  5. In 2015, the Trowbridge Report recommended that a Life Insurance Code be developed and modelled on the General Insurance Code of Practice and aimed at setting standards of best practice for life insurers, licensees and advisers for the delivery of effective life insurance outcomes for consumers (Policy Recommendation6).[8] The Code came into effect from 11October 2016 and all Financial Services Council life insurer members (which does not include all industry participants) will be bound by the Code by30June2017.
  6. ASIC has the power under the Corporations Act to approve codes, though it is not required to do so and can only do so upon an application. To gain ASIC approval, industry must have regard to the guidelines contained inRegulatory Guide 183 Approval of financial service sector codes of conduct (RG 183). This guide sets out the key criteria that must be met for a code to be considered for approval by ASIC. These include requirements for the code to be written in plain language, to address stakeholder issues, to provide for consistent monitoring and compliance, and for mandatory threeyear code reviews. According to RG 183, while approval is optional, where approval by ASIC is sought and obtained, it is a signal to consumers that this is a code they can have confidence in.[9]
  7. Currently there are 11 codes in the financial services industry with one having received ASIC approval under the Act.[10]The codes are the:
  8. Code of Banking Practice, an initiative of the Australian Bankers’ Association;
  9. Customer Owned Banking Code of Practice (developed by Abacus, now the Customer Owned Banking Association);
  10. Financial Planning Association of Australia’s Code of Professional Practice;
  11. General Insurance Code of Practice;
  12. ePayments Code;
  13. National Insurance Brokers Association’s Insurance Brokers Code of Practice;
  14. Mortgage & Finance Association of Australia’s Code of Practice;
  15. Finance Brokers Association of Australia’s Code of Conduct;
  16. Australian Collectors and Debt Buyers Association Code of Practice;
  17. Financial Services Council’s Life Insurance Code of Practice; and
  18. Financial Planning Association Professional Ongoing Fees Code (ASIC approved).[11]
  19. By their nature, codes in the financial services industry contain industry specific rules. For example, the Code of Banking Practice contains rules governing customer accounts, direct debits, chargebacks, guarantees and debt collection. The insurance codes govern areas such as sales practice and claims handling. Collectively, these codes also prescribe rules for dispute resolution and sanctions for breaches. The content of codes typically has a consumer focus, establishing best practice rules for how signatories interact with their customers. These rules fill a regulatory gap in areas which require flexibility and the ability to respond to changing expectations and circumstances. Codes are able to provide efficient and effective dispute resolution, as well as having potential to improve industry practices.
  20. A key component of any effective industry code is its ability tomonitor compliance and enforce sanctions and remedies for breaches. The enforcement of industry codes generally lies with an internal compliance body setup under each individual code. For example, under the General Insurance Code of Practice, the Code Governance Committee is the body responsible for monitoring and enforcing the Code.
  21. In order for a code to be enforceable, subscribers must first agree to be bound by the terms of the code. There are two main types of arrangements for contractual enforceability. In the first and most common, there is a contractual agreement to abide by the code between subscribers and the relevant body with the power to administer and enforce the code (for example, General Insurance Code of Practice administered by the Code Governance Committee). The second is where code subscribers incorporate their agreement in individual contracts with consumers (for example, written directly into the terms and conditions of a particular product).
  22. Another key mechanism for code compliance is, effectively, through external dispute resolution mechanism like the Financial Ombudsman Service (FOS) (or the planned Australian Financial Complaints Authority). Consumers can bring complaints to the FOS where they are not satisfied after complaining to the relevant provider. Code compliance committees may also refer disputes to the FOS in certain circumstances.Codes are relevant in the FOS context because its terms of reference provide that, in deciding what is fair in all the circumstances, it can have regard to “applicable industry codes or guidance as to practice”.
  23. Codes may also give rise to enforceable rights in court actions — for example based on arguments that codes form, either expressly or impliedly, part of the contract between the parties. In addition, the Australian Securities and Investments Commission Act 2001 (ASIC Act) provides that a court may have regard to an industry code in determining whether the conduct of a financial services supplier is unconscionable (provided the service recipient acted on the reasonable belief that the supplier would comply with that code).[12]However, the status of the various codes in terms of enforceability in the courtsis not entirely clear.[13]

Page 1

Annexure B – ASIC enforcement review taskforce terms of reference

2.Current issues

  1. There are two key issues that the positions put in this paper seek to address:

•The benefits of industry codes are not available to significant numbers of consumers because not all players in relevant industry subsectors are code subscribers.